Earlier this year we released our annual Phishing Trends and Intelligence report, which highlights how the phishing landscape has evolved over the past year.
'Tis the season for shopping, time spent with friends and family, and preparations to celebrate the holidays. As most of us plan for the coming season, cyber criminals are looking for opportunities to catch victims off guard and steal valuable personal information. People looking to supplement their gift-giving budget with a seasonal holiday job should take a close look at job listings before pursuing offers found online or in their email inboxes. Job scams target those looking for part-time holiday work, specifically aiming to steal personally identifiable information that is often requested on applications for employment. We have observed mass spam email-based job scams using branding from well-known retailers such as Target and Walmart that commonly offer seasonal employment.
A Java-based Adwind Remote Access Trojan campaign has been observed sending spam emails containing a malicious JAR file under the guise of “Request For Quotation,” “Transfer Import,” “Swift Copy,” “Proforma Invoice,” “DHL Delivery Notification” and many others. Adwind, also known as jRAT and JSocket, is a cross-platform remote access tool designed to run on Mac OS, Windows, Linux, and Android systems to exfiltrate sensitive data from its victims. It has been known to, but is not limited to, log keystrokes, take pictures and record audio, steal cached data such as passwords and form fills, download/execute malware, amass system and user information, and modify registry entries.
When people think about phishing, their mind often turns immediately to ransomware. And for good reason. After all, there have been dozens of high profile ransomware attacks in recent months.
But you know what? An even greater proportion of phishing lures don’t contain ransomware. Instead of extorting money from you, they have an ulterior motive: they’re designed to steal your identity.
Well, OK. They’re designed to steal your login credentials… but in reality that isn’t far short of stealing your identity.
Originating in India around 2008, tech support scams are a simple and effective way of preying on individuals’ fear.
In its earliest form, the tech support scam involved a scammer cold-calling English speaking countries, and claiming to represent Microsoft Technical Support. The victim would be informed that their machine was infected with malware, and that the caller would help them remove it if granted access to the machine.
Naturally, once access was granted, the scammer would “fix” the problem and promptly demand payment.
All through October, in aid of National Cyber Security Awareness Month (#CyberAware) we’re putting phishing under the microscope. In each post we’ll take a close look at one specific type of phishing, including the actors responsible, who it targets, and how/why it works.
Today, we’re a true phishing classic: Nigerian 419 scams.
It probably comes as no surprise that the second quarter of 2017 brought changes in the phishing landscape. A dramatic increase (41%) in overall phishing volume was observed by the PhishLabs research team. Additionally, there have been shifts in the industries that are being targeted. This is further evidence that the threat landscape is both thriving and volatile as cybercriminals pivot and exploit different targets.
After years of gathering and analyzing phishing data, only one thing is certain - phishing continues to be a successful attack method for cybercriminals.
In the world of cyber security, there are some threats that seem to have been specifically designed to wreck your day.
Ransomware is one of those threats.
Even if you have secure backups, and they’re kept safely away from the rest of your network, the time it takes to restore from them and remove all traces of the offending trojan is sure to get your blood boiling.
So when a new ransomware threat arises, it pays to make sure your house is in order, and your users are on high alert.
In a world where new cyber threats seem to develop almost daily, it’s easy to forget that some tactics have stood the test of time.
Since mid-May, PhishLabs has been tracking an ongoing consumer-focused email phishing campaign.
And what tactic have they been using? The dreaded tech support scam.
No matter how much technology develops, threat actors will nearly always default to the simplest tactic that still works. And when it comes to consumer-focused phishing, there’s nothing simpler (and more effective) than a well constructed tech support scam.
It used to be said that the only certain things in life were death and taxes.
But this adage is in desperate need of an update. In the age of technology, the only certain things in life are death, taxes, and phishing scams.
And scams targeting taxpayers and tax preparers are just the tip of the iceberg. This tax season, schools, nonprofits, NGOs, state/local governments, and aid organizations have also found themselves the targets of wide ranging tax and W-2 phishing scams.
Topics: IRS Phishing Attacks